Try the new and let us know what you think!
(Note: Beta site content may not be complete.)

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage


NIST requests comments on a revised draft (second public draft) report on NISTIR 7977, NIST Cryptographic Standards and Guidelines Development Process. This revised document describes the principles, processes and procedures behind our cryptographic standards development efforts. Please send comments to by March 27, 2015.


This draft results from a NIST-initiated review of its cryptographic standards development process in response to public concerns about the security of NIST cryptographic standards and guidelines.

It reflects NIST’s response to comments received on a February 2014 draft.

We are soliciting public comments on this revised draft to obtain further feedback on the principles and mechanisms we use to engage stakeholders and experts in industry, academia and government to develop these standards. A news release from NIST's Public Affairs Office on this revised draft can be found here. (An announcement can also be found on the CSRC Drafts page as well)

Comments will be reviewed and posted on the CSRC website. We expect to publish a final report based on this additional round of feedback. The revised publication will serve as basis for our future standards development efforts and review of existing standards.

Note to Reviewers:
NIST requests comments especially on the following:

  • Do the expanded and revised principles state appropriate drivers and conditions for NIST’s efforts related to cryptographic standards and guidelines?
  • Do the revised processes for engaging the cryptographic community provide the necessary inclusivity, transparency and balance to develop strong, trustworthy standards? Are they worded clearly and appropriately? Are there other processes that NIST should consider?
  • Do these processes include appropriate mechanisms to ensure that proposed standards and guidelines are reviewed thoroughly and that the views of interested parties are provided to and considered by NIST? Are there other mechanisms NIST should consider?
  • Are there other channels or mechanisms that NIST should consider in order to communicate most effectively with its stakeholders?

Back to Top of Page